JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

2006-11-29 Eric Blake <ebb9@byu.net>

Browse Source 
* libc/stdio/fvwrite.c (__sfvwrite_r): Avoid off-by-one error in
        asprintf, as well as quadratic realloc behavior.
This commit is contained in:
Jeff Johnston
2006-11-29 21:36:54 +00:00
parent 80c6ead242
commit c4c7f13966
2 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
newlib/ChangeLog
View File

@@ -1,4 +1,9 @@
2006-11-29 Kazunori Asayama <asayama@sm.sony.co.jp>
2006-11-29 Eric Blake <ebb9@byu.net>
* libc/stdio/fvwrite.c (__sfvwrite_r): Avoid off-by-one error in
asprintf, as well as quadratic realloc behavior.
2006-11-29 Kazunori Asayama <asayama@sm.sony.co.jpi
* libc/machine/spu/memset.c: Fix type of explicit cast.
* libc/machine/spu/strncmp.c: Add explicit cast.

21
newlib/libc/stdio/fvwrite.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1990 The Regents of the University of California.
* Copyright (c) 1990, 2006 The Regents of the University of California.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
@@ -127,13 +127,23 @@ _DEFUN(__sfvwrite_r, (ptr, fp, uio),
w = fp->_w;
if (fp->_flags & __SSTR)
{
if (len > w && fp->_flags & __SMBF)
if (len >= w && fp->_flags & __SMBF)
{ /* must be asprintf family */
unsigned char *ptr;
int curpos = (fp->_p - fp->_bf._base);
/* Choose a geometric growth factor to avoid
quadratic realloc behavior, but use a rate less
than (1+sqrt(5))/2 to accomodate malloc
overhead. asprintf EXPECTS us to overallocate, so
that it can add a trailing \0 without
reallocating. The new allocation should thus be
max(prev_size*1.5, curpos+len+1). */
int newsize = fp->_bf._size * 3 / 2;
if (newsize < curpos + len + 1)
newsize = curpos + len + 1;
ptr = (unsigned char *)_realloc_r (_REENT,
fp->_bf._base,
curpos + len);
newsize);
if (!ptr)
{
/* Free buffer which is no longer used. */
@@ -142,8 +152,9 @@ _DEFUN(__sfvwrite_r, (ptr, fp, uio),
}
fp->_bf._base = ptr;
fp->_p = ptr + curpos;
fp->_bf._size = curpos + len;
w = fp->_w = len;
fp->_bf._size = newsize;
w = len;
fp->_w = newsize - curpos;
}
if (len < w)
w = len;